@aleksandar.astardzhiev I have never come across an issue where PA does improper categorization for our subdomains in the last 7 years, and new ones do keep popping up every now and then, and we have close to 50. Even if it did, new subdomains go through a testing phase before, and it would come to light then and could be resolved. And I see these as someone not following the proper channel to come to our websites, and thus see no harm in stopping them, as in the screenshot below. We can agree to disagree on this, but my initial question still remains: why, after changing to SSL passthrough on F5, does PA see them coming as https://x.x.x.x and not https://domain-name, whereas for traffic from the same sources during the test with the F5 VIP as SSL offload or SSL bridging this is not an issue?